from the and-hopefully,-head-off-further-damaging-CFAA-precedent dept

Andrew "Weev" Auernheimer is appealing his 41 month prison sentence (and its accompanying fine of $73,000). Many members of the security community have expressed concern with this ruling, especially in light of other CFAA cases. Auernheimer's exposure of AT&T's security hole doesn't really seem like the sort of thing that should be punished, at least not with multiple years in jail and a hefty fine. Then there's the unsettling feeling that the US prosecutors pushed hard for a prison sentence because they found Weev unlikable.

Fortunately for Weev (and others who have or will run afoul of the CFAA), Orin Kerr has stepped up to offer pro bono representation in Auernheimer's appeal (along with members of the EFF). Kerr, most recently spotted here going head-to-jackass with Rep. Gohmert over the legality of "destroying" a hacker's computer, has a very thorough post discussing his reasons for joining the fray. Basically, it boils down to this: nearly everything about the government's decision is wrong, which is problematic if this ruling is going to be used as precedent in future CFAA cases.

In the government’s view, visiting the URLs was an unauthorized access of AT&T’s website. But I think that’s wrong. At bottom, the conduct here was visiting a public website. As the Sixth Circuit stated in Pulte Homes, Inc. v. Laborers’ International Union Of North America, 648 F.3d 295 (6th Cir. 2011), everyone is authorized to visit an “unprotected website” that is “open to the public.” The fact that AT&T would not have wanted Spitler to visit those particular URLs doesn’t make visiting the public website and collecting the information a criminal unauthorized access. If you make information available to the public with the hope that only some people would bother to look, it’s not a crime for other people to see what you make available to them.

According to Kerr, undesirable access does not equal unauthorized access. The URLs were publicly available due to AT&T's own carelessness. What this actually looks like is the vindictive pursuit of an individual for publicly embarrassing the company. But it's not all on AT&T. The prosecutors themselves had to do a bit of creative sentencing to arrive at a "suitable" punishment for Weev's "hack."

Unauthorized access is ordinarily a misdemeanor. Why is this crime a felony? Here’s the government’s remarkable theory. All 50 states have state unauthorized access computer crime statutes similar to the federal unauthorized access statute. The government’s theory is that this overlap turns essentially all federal CFAA misdemeanors into federal felonies. They rely on 18 U.S.C. 1030(C)(2)(B)(ii), which states that a misdemeanor unauthorized access becomes a felony when it is “in furtherance of any criminal or tortious act in violation of the Constitution or laws of the United States or of any State.” The government argues that the existence of state unauthorized access crimes transform unauthorized access misdemeanor crimes into felonies: The overlap means that every federal unauthorized access crime is a federal crime “in furtherance of” the analogous state crime.

As Kerr states, this is nothing more than disingenuous double-counting being done for no other reason than to make the charges carry some weight. A misdemeanor results in a slap on the wrist, something that would hardly make AT&T happy. This isn't Kerr's (or the government's) first experience with hacking-related double-counting.

Back in 2011, Sarah Palin's email account was hacked and the Justice Department attempted to charge the hacker under two overlapping laws: "hacking into a computer" and "hacking an email account." This was overturned on appeal by the Fourth Circuit court, stating that the Justice Department's attempt to double dip a single action violated US principles on double jeopardy. This situation is more of the same, only with a convenient overlap of federal and state laws allowing prosecutors to ratchet up the charges from a misdemeanor to a full-blown felony.

In addition to these problems, Kerr also finds some jurisdictional issues at play. Even though none of the principals are located in New Jersey, the charges were brought in that state. The rationale? Some of the email addresses belonged to New Jersey residents. This paper-thin justification for filing charges in a pretty much unrelated state gives the appearance of prosecutorial venue shopping.

The most ridiculous aspect of the case is Kerr's final reason for stepping in: the sentence.

The largest part of Auernheimer’s sentence was due to an alleged $73,000 in loss suffered by AT&T. Under the provisions of the Sentencing Guidelines associated with 18 U.S.C. 1030, sentences are based primarily on the amount of loss caused by the crime. More dollar loss to the victim means more time in prison for the defendant.

AT&T claims it incurred costs of $73,000 due to Auernheimer's actions. But it claimed no loss to its computers, it suffered no downtime and lost no data. The only assertion of loss comes via AT&T's efforts to notify customers of the data breach.

First, AT&T notified its customers by e-mail. That was free, leading to a “cost” so far of zero. But then AT&T decided to follow-up the e-mail notification with paper letter notification, and the postage and paper costs amounted to about $73,000.

That's right. Auernheimer has to repay AT&T for envelopes and stamps with $73,000 of his own money -- and 3-1/2 years of his life. As Kerr points out, AT&T cannot reasonably pin this notification expense on Auernheimer as these costs are not "directly attributable" to the defendant's access of its supposedly off-limits URLs. Furthermore, Kerr says these costs are not "reasonable," considering AT&T's electronic notice to its customers was largely successful. In essence, Weev is doing time because he raided AT&T's petty cash box by proxy. Hopefully, this appeal will overturn this misguided sentence and prevent the CFAA from becoming an even worse law, thanks to the precedent set by this decision.

from the good-to-see dept

This is cool to see. An absolutely awesome group of folks have set up a project called the Freedom of the Press Foundation, which is raising money to donate to various online projects that (you guessed it) help create a more free and open press. Part of the idea is that by funneling money through a foundation like this one, projects like Wikileaks can more easily get funded, without risk of being cut off individually (a la Wikileaks being cut off from most funding sources). Of course, it's not just Wikileaks, but sites like Muckrock, which we've used for a while to help with our Freedom of Information Act requests and some other "citizen journalism" sites.

Among the high profile folks behind the site are Daniel Ellsberg, of the Pentagon Papers fame, some EFFers, including founder John Perry Barlow and activists Trevor Timm (who's the executive director of this new project) and Rainey Reitman. Then there are people like journalists Glenn Greenwald, Josh Stearns and Xeni Jardin, and filmmaker Laura Poitras (who is working on a film about Wikileaks and internet freedom, and has been "detained and interrogated about her work at the U.S. border over 40 times.") And also actor John Cusack -- whose name appears a bit out of place, but he's been active in these kinds of issues.

I hope the project works out well. It's something that is clearly needed.

from the will-it-work? dept

The folks over at EFF have launched a new site called DefendInnovation.org that seeks to get people to speak up about fixing the patent system, specifically around software patents. It puts forth a series of key suggestions:

To me, number four is the key one and would fix a large number of issues with the patent system. I've been arguing for an independent invention defense for years. In fact, I'd take it slightly further. Since patents are only supposed to be granted on ideas that are non-obvious to those who are skilled in the art, the fact that there is independent invention suggests evidence that it is obvious to those skilled in the art, because multiple "skilled in the art" practitioners are arriving at the same obvious conclusion. Thus, such patents should be invalid, beyond just allowing the independent inventor a defense.

Some don't think the EFF is going far enough. Tim Lee put together a petition, asking the EFF to go even further and oppose software patents altogether. You could argue that point number seven gets towards that. In fact, you could argue that point number seven should be the whole ballgame here. The fact that we don't have any evidence that software patents benefit the economy should make the whole system a mockery. Either way, the EFF's response to the whole "abolish software patents" issue, is that there needs to be a first step:

Regardless of whether you think software patents should be abolished altogether or just reformed, the first step is recognizing that a one-size-fits-all patents system doesn’t make sense and that we need to treat software patents differently from other types of patents. Without that, no effort – whether reform or abolition – can be successful.

To be honest, as bad as software patents can be, I still do worry about hardware patents as well. So I don't think we should lose sight of the independent invention defense (or independent invention as evidence of obviousness) as a useful tool to fix many of the larger problems with the system. There are some other potential fixes out there as well, including something akin to an anti-SLAPP law for patents -- where it's clear that the lawsuit is an abuse of the patent system, just to try to get a company actually producing a product to pay. A big part of the problem today is how expensive a patent lawsuit is, and how difficult it is to get one dismissed without first having to spend upwards of a million dollars (no joke). That leads many companies to settle. This is, obviously, what point number 2 in the Defend Innovation campaign is about, but getting faster, anti-SLAPP-like dismissals would be a big help as well, as no company wants a big expensive lawsuit hanging over them.

Either way, it's good to see renewed emphasis on the problems of the patent system, especially after Congress and President Obama pretended that they'd "fixed" everything last summer with the patent reform bill that did very little (and probably made some things worse).

from the good-for-him dept

To hear folks in Hollywood talk about it, the US's indictment and prosecution of Megaupload are a done deal. Without any actual trial, people have decided that the company is clearly 100% evil and guilty. Yet, as we keep noting, the details of the indictment and prosecution keep turning up significant errors on the part of the US, as well as questions about the legality of what the US did. And plenty of people who really understand this stuff deeply are speaking out in agreement. The latest is a former federal judge, Abraham David Sofaer, who found the whole situation so troubling that he's helping the EFF -- for free -- with its efforts to get Megaupload users' data back.

Having looked over the details of the case, he's speaking out against it. According to an interview he did with David Kravets at Wired:

“It’s really quite outrageous, frankly... I was thinking the government hadn’t learned to be discreet in its conduct in the digital world. This is a perfect example on how they are failing to apply traditional standards in the new context.”

When it comes to the government's insistence that users can't get their data back, Sofaer is quite troubled:

“That’s a dangerous road,” Sofaer said.

He suggested that the government hasn’t quite caught up to the digital age. He doubts the government would take the same position with a bank it seized.

“Of course they would help customers get back their deposits,” he said. “But think about this new world. You can see very clearly that the government is acting in a manner that is indiscriminate.”

I can't wait to see our usual critics explain how this former federal judge is just a pirate apologist who doesn't understand the law.

Also, Patricia will be joining us for a live Q&A discussion session about the book on Friday, June 8th at 1pm PT/4pm ET. If you have some initial questions, you can post them below or on the Step 2 discussion page, and we'll try to incorporate them into the Q&A.

Myths and Realities about Fair Use

MYTH: Fair Use is only valid when it is non-commercial.

REALITY: Fair use is designed to expand the range of cultural production, not just the range of
non-commercial cultural production. Almost all the occasional litigation on fair use, which has
determined this legal trend of interpretation, has been over commercial uses. (Generally lawsuits
aren't begun if there is no money to be gained.) Fair uses can be made of copyrighted material in
any commercial context, so long as the “four factors” of consideration tilt toward the value of new
contributions to culture against the cost to current owners. Currently the simplest calculation, the
one preferred by the courts, is to find transformation (reuse for a different purpose), and to make
sure that only as much of the original has been used as is necessary for the transformation; this is
best done with a justification for the habits and practices of a particular creative or user community.

MYTH: Any non-commercial use is fair.

REALITY: Who's it hurting, right? That's a common argument, especially among vidders, remixers,
and other creators in the online video environment, but the law doesn't in fact exempt
non-commercial uses. The law does privilege such uses in some cases, but you will unfortunately
today be in a grey zone if you lean exclusively on the fact that you're not selling your work. That's
especially true in online situations, where you may not be making money off your work but
somebody else is—usually an advertiser placing ads on a site, or a data miner. (There is no legal
definition of “non-commercial.”) Besides, giving work away that contains valuable pieces of other
people’s work can indeed hurt someone else’s pocketbook. If you have a legitimate fair use claim,
that pocketbook problem can be overridden (depending on how severe it is). Simply not making
money does not give you a fair use pass.

MYTH: Fair use is always valid if you're using it in an educational context, and especially
within a classroom.

REALITY: Being a good guy is not necessarily enough. Educational uses have their own special
exemptions, but fair use in any educational context will have to abide by the same logic as in other
contexts. But because fair use analysis is always done, implicitly or explicitly, within the context
of a community of practice, you can refer to the mission and needs of your field. Educational
contexts provide some very easy justifications for transformation (such as that students are analyzing
the content). Educators need to pay particular attention to their claims to fair use if they are
using commercial materials explicitly designed for their educational environment. In that case, an
educator's use might not be transformative. Sometimes codes of best practices apply; for instance,
media literacy teachers can consult the Code of Best Practices in Fair Use for Media Literacy Education
(centerforsocialmedia.org/fair-use/best-practices/media-literacy).

MYTH: Fair use is only about criticism and commentary, like parody for example.

REALITY: Criticism, commentary, satire and parody are all great examples of ways in which
copyrighted material is reused for a different purpose than for its original market, in the process
of creating more culture. (How does satire differ from parody? They are closely related. Parody
holds up to usually-funny commentary a particular work. Satire pokes usually ironic fun at anything
including behavior.) But they are not the only kinds of activities that qualify as transformative fair
use. Pastiche without a specific point to make—a collage or mashup--can also be a fair use. So might
quotation for discussion--and much more.

MYTH: Fair use is “the right to hire a lawyer.”

REALITY: In fact, fair use is no vaguer or unclear than other rights of free expression. Like with
questions of libel, indecency or obscenity, there are clear areas of comfort and safety, marginal
or risky areas, and troublesome areas. Most people most of the time know where they are. Your
greatest comfort is in knowing that your peers in a community of practice have already agreed
upon standards of interpretation. Many people have taken the comment of legal scholar Lawrence
Lessig, made at the beginning of the 21st century, that “fair use is only the right to hire a lawyer” at
face value and repeated it many times since. But Lessig made that remark before the beginning of
the current fair use movement, which has greatly clarified safe interpretations of fair use for many
communities. Indeed, he made that before he himself founded the Fair Use Project at Stanford,
which encourages wider interpretation of fair use.

MYTH: Fair use needs a really good “test case” in the courts, to set precedent.

REALITY: There are several reasons why we shouldn’t wait for litigation to improve our access
to fair use. First, fair use is only occasionally litigated; this is particularly true now, since fair use
is regarded with such favor by judges. Copyright holders with good lawyers understand that any
greater record of the useability of fair use is not good for their side. Second, any particular lawsuit
may be an outlier in any direction to a trend. Third, when you initiate a lawsuit, much can happen
that confuses or changes the story, muddying the judgment you wanted to get. For instance, the
artist Shepard Fairey seemed to have a very clear fair use right to use a photograph of Barack
Obama for a poster. But during preparations for the trial, he admitted lying about the photograph
he used, creating great distrust and prejudicing his case. Far better than waiting for a definitive “test
case” is establishing clear standards of interpretation. Such standards can be highly useful in any
ensuing litigation.

MYTH: Fair use is too dangerous; even if you win a lawsuit, your life and finances could be
ruined.

REALITY This is a conclusion that is drawn from two common but unfortunate practices: looking
only at lawsuits, not at practice; and lumping together all kinds of intellectual property conflicts.
If you only look at lawsuits, you will only see danger. If you look at lawsuits in context, you will
see them as the very occasional and circumscribed circumstance in a wide sea of perfectly legal
and uncontested practice. In reality, people are employing fair use casually and comfortably every
single day across the nation, often without thinking about it, and get no trouble at all. They are in
the safe-harbor areas of fair use. You can understand what those are as well. In the rare event of a
copyright lawsuit, defendants have a solid phalanx of pro-bono lawyers who are eager to litigate on
fair use, including Stanford Fair Use Project, the ACLU, EFF, and some intellectual property clinics.
Courts strongly encourage settlement and discourage trials. Anyone who proceeds with litigation has
rejected plenty of opportunities to settle. If defendants decide they do not want to proceed, they
will get plenty of opportunities to settle for relatively small costs. But the most important thing to
remember is that lawsuits are extremely rare, the exception to the rule.

People frequently confuse one kind of danger with another. For instance, the RIAA has sued a
clutch of average-citizen downloaders. The RIAA originally attempted to create enormous publicity
and public awareness about the illegality of downloading copyrighted material available for sale by
a few strategic lawsuits. These lawsuits proved entirely useless in discouraging downloading, while
racking up enormous legal bills for the RIAA and others. But the RIAA's case against downloaders
bore no relation to any fair uses. Downloaders were simply accessing material they could buy for
free, typically to use in exactly the way it was being marketed. The music industry may be backward-
looking, but its legal case was technically sound. It was not grounded in fair use arguments. Fair
users do not need to be frightened of RIAA lawsuits.

MYTH: Fair use is just a defense, not a right.

REALITY: Fair use is in fact a right that comes into play once someone accuses you of
infringement. At that point, you would respond by saying that you had a right to use that material.
Until then, everyone is simply going along minding their own business, creating culture. The right
of defense occurs in other contexts as well. For instance, if you are physically attacked, you have
the right of self-defense. This right never comes into play until you are both attacked and someone
accuses you of hurting them. Then you will invoke your right of self-defense. The fact that fair use is
a defense does not make it any less of a right.

MYTH: Fair use is just an interpretation, not part of the law.

REALITY: Fair use is neither new nor a mere interpretation. A 150-year-old feature of the law
(and widely exercised before that, without being explicitly invoked), it is a key element of a policy
dedicated to promoting culture. Fair use is an essential tool for us to be able to exercise our First
Amendment rights.

MYTH: I can't use fair use, because the copyright holders would never agree to it.

REALITY: Fair use is a right that you employ simply by accessing material, copying it and
incorporating it into your project within an appropriate context. You do not need to get anyone's
permission to do that, and you do not even need to let them know that you did it. Some legitimate
and uncontested claims of fair use are even made after one or more attempts to license; the attempt
to license may even increase one’s case for fair use, if the material is vital to what you are trying to
say. Some people like to alert the people whose work they took, as a gesture of respect or homage,
and this act of politeness is very often deeply appreciated. Sometimes they may want to alert a
vendor or archives holder of their fair use, because they have an ongoing business relationship that
involves licensing, they may want to eliminate ambiguity about the use, and they may want to stay on
the best terms possible.

from the mix-it-up dept

Late last week there was the very unfortunate news of the passing of Adam Yauch, better known as MCA, one-third of the Beastie Boys. I know a few people who have known him, and people only have had the most amazingly nice things to say about the guy. Like plenty of other folks, I've spent the past few days firing up old Beastie Boys albums, and (in particular) their classic Paul's Boutique -- which Nancy Sims rightfully pointed out: "it's a sad copyright lawyer that doesn't at least own" that particular album. And that's because not only is it one of the all-time great albums, it's also well known for including hundreds of samples.

Thankfully, for the world, Paul's Boutique (and a few other classic hip hop albums) got in under the wire, before the industry started throwing around lawsuits against each other for sampling. An analysis last year of what it would cost to clear all the samples if the Beastie Boys decided to put together such an album today, when not clearing every song gets you sued. It turns out that based on how much labels seem to charge for samples, and the massive number of samples on the album, Capitol Records would have lost $20 million on the album, despite it selling 2.5 million copies.

In other words, you could not reasonably clear all the samples. There is no reasonable price.

As a result of that, of course, we can't have the next Paul's Boutique, unless it's done underground and whoever makes it gets lucky that no one spots the work and gets angry. What an incredible step backwards.

In response to all of this, the EFF has pointed out that it would be a fitting tribute to MCA to fix this problem by creating a way to make sure that samples could be used in songs:

We think it’s pretty clear that the samples the Beastie Boys used in Paul’s Boutique and that Girl Talk now uses in his records are classic examples of fair use. Unfortunately, many artists these days are nonetheless under pressure to pay licensing fees for similar uses. Despite the fact that most cases rightfully find that sampling is not copyright infringement, the mere threat of a lawsuit (and the specter of statutory damages) is enough to intimidate musicians and labels alike. This cottage market of sample licensing stands in the way of creating the next Paul's Boutique – a sad comment on MCA's legacy.

The time to come up with a new, effective licensing scheme is long overdue. Young artists should be encouraged to remix and create in all the exciting new ways that technology allows, not sidelined by expensive licensing battles. Solving this problem would go a long way in that direction and be a fitting tribute to MCA, the Beastie Boys, and the fantastic remix culture they helped foster.

Forget the Sonny Bono Copyright Extension Act, where's the Adam Yauch Right To Sample Act? We shouldn't even have to fight for our right to sample. But... such is the unfortunate state of the law.

from the time-to-reconsider dept

There have been a bunch of rulings in a variety of district courts around the country rejecting a variety of ways in which copyright trolling operations have been seeking to use the judicial system as a part of their business model -- not to actually take anyone to court, but merely to (a) identify people they can threaten and (b) threaten them with the possibility of a lawsuit if they don't pay up. Thankfully, an increasing number of judges have been calling the trolls out on this, and saying they won't be a part of this. Usually this comes in the form of rejecting a request for expedited discovery (which would allow the trolls to subpoena subscriber info from ISPs) or arguing that lumping together so many users into a single case was improper.

However, there has been one major exception to these rejections: the case in the DC district court by Judge Beryl Howell... who just happens to have been a former RIAA lobbyist, who only recently left that job to take a seat on the bench. The Howell ruling is regularly cited by trolls as proof that there's nothing wrong with the way in which they pursue these lawsuits -- ignoring a massive number of rulings that say otherwise.

The ISPs in that original case, though, filed by AF Holdings, represented by Prenda Law (which, you may recall, is connected to John Steele), are asking Judge Howell to reconsider (especially in light of all those other rulings). On top of that, they're saying that if she won't reconsider, they'd like to take the issue up to the appeals court before proceeding with the rest of the case. That could become important, as it would be the first time an appeals court weighs in on this. Some public interest groups, including the ACLU and EFF, have filed an amicus brief as well, asking Judge Howell to change her decision concerning discovery.

from the don't-buy-the-hype dept

When the new discussion draft of CISPA was published, many people including myself praised the one point of sincere improvement in the bill: the modified definition of cybersecurity that focused on network attacks. Unfortunately, the authors of the bill are spinning this to suggest that CISPA is now nearly perfect, and some media outlets and even advocacy groups are buying it—even though nothing could be further from the truth, and the White House still opposes the nature of the bill. CISPA still has big, big problems. In fact, closer analysis by the CDT and EFF suggest that the language may be worded to allow what is effectively direct government monitoring of private networks.

Government networks are protected by a network security system called Einstein, which is being steadily expanded to do things like analyze the content of communications. Such software meets all the criteria of a "cybersecurity system" under CISPA, and there is serious concern that the bill would permit the government to offer Einstein or a similar system to private cybersecurity companies. By CISPA's definitions, everything collected by such a system would qualify as "cyber threat information" and thus be open game for sharing with the government—and nothing in the bill would prevent these private systems from being connected live to government databases, effectively uniting them with the government's own security network.

Yes, it would still be voluntary—the government couldn't force a cybersecurity provider to install their software, and the provider would need to get permission from its clients to share the data. But it's not hard to envision a situation developing very quickly, in which the government gets a few major security players hooked up and their clients routinely agree without a second thought. After all, CISPA's extremely limited liability provisions mean there's little to no risk for companies. Some may question whether the government would actually move in this direction under CISPA, but given the fact that the NSA has been trying to expand Einstein to private networks since the Bush administration, giving them the legal ability to do so is a very bad idea.

from the transparency dept

The officials rules from the Obama Administration, when it comes to Freedom of Information requests, is that the default view should be the transparent one. In practice, we've seen exactly the opposite. Studies have shown that the Obama Administration has turned down FOIA requests at a greater rate than the previous administration (which was already pretty damn secretive) and often uses political reasons, rather than genuine secrecy reasons to hide information (for example, claiming ACTA had to be secret for national security reasons).

The EFF (which the administration has highlighted internally as an organization deserving more political scrutiny before documents can be released to it) has now pointed out that it appears that the FBI has extremely arbitrary standards for figuring out what to redact when complying with FOIA requests. Specifically, the EFF asked for multiple documents on two separate occasions and was amazed to find that the redactions were entirely different -- even if the reasons for the redactions were the same:

Through a careful comparison of thousands of pages of documents we received from this FOIA request with the same documents we received from an earlier FOIA request, we found that redactions in many of these duplicated documents were strikingly different. In several cases, the FBI redacted more information in later-produced documents than it did in earlier-produced documents. In other cases, the FBI redacted differing amounts of information when it produced two copies of the same report in response to the same FOIA request. Sometimes the agency blocked out whole paragraphs, while at other times it blocked out only the key words that explain the details of its acts. What is interesting is that the FBI claimed the same FOIA exemptions in each version; it just applied them differently.

What's most troubling is that the documents in question had to do with evidence of the FBI's own misconduct. So, if it's being arbitrary in figuring out what to redact, what's to stop it from just redacting the information it doesn't want to get out? The EFF page discussing this has some funky "slider" functionality that lets you look at the two different versions of redacted documents to see how the redactions appear to change quite arbitrarily. As the EFF notes, there might be less public demand for things like Wikileaks if the US government wasn't so secretive in such an arbitrary manner.

from the get-rid-of-it dept

A few days ago, you may remember, I posted the comments I submitted to the USTR on the Special 301 report, where I pointed out the value of allowing countries to set their own intellectual property policy, rather than forcing everyone to follow US faith-based intellectual property policy. Traditionally, the Special 301 process was a way for industry lobbyists to get the US gov't to put countries they didn't like on a special "watch list," that would lead US diplomats, who didn't even understand the lack of factual basis for the report, to start putting pressure on other countries to change their intellectual property policies to make them more draconian (funny, isn't it, that they only went in one direction?). Basically, lobbyists would submit the details of countries whose IP policies they didn't like, and the USTR would basically turn around and put out a list based on what was submitted, with little effort to actually look at the situation. This year, at least, the public was able to submit comments (such as mine, linked above), but it's unclear how much of an impact that will have.

In the meantime, EFF and Public Knowledge have teamed up to ask the USTR to change the process and, at the very least, stop taking the word of industry lobbyists as if it were gospel. They also suggested that the USTR be more flexible in allowing countries to set their own IP policy -- noting, amusingly, that the US itself famously didn't implement its "international obligations" in the Berne Treaty for decades, because the country felt differently about certain aspects of copyright law. Hell, even today we're not in full compliance with Berne. But for some reason the USTR acts as if other countries need to fall in line with US IP policy, even as we've chosen to go in a different direction when we felt it was warranted.

Of course, the best thing to do isn't to change the Special 301 process, but to ditch it entirely. It serves no reasonable purpose and has been abused by industry representatives for years. It puts a strain on US relations with other countries, and harms the ability for other countries to craft IP policy in the way that they feel will best serve culture and innovation.